Cloud services are constantly attacked by online hackers. In some cases, online hackers attack cloud services using automated procedures (such as bots) that push legitimate users away from online goods and resources (e.g., by beating them to online sales) or to log into legitimate user accounts (e.g., using brute force). Many cloud services respond to such threats by implementing protocols for detecting automated procedures. For example, a cloud service may require that users verify that they are human before allowing the users to complete certain tasks. Verification protocols traditionally involve asking users to complete a challenge, such as solving a logical problem. For example, a cloud service may show an image containing obscured characters to a user and then ask the user to determine which characters the obscured characters represent and to submit information identifying the characters.
Unfortunately, traditional challenges may be tedious and difficult to solve. As a result, human users may fail the challenges or experience frustration in attempting to complete them. Furthermore, many traditional challenges may be easily parsed by attacking software. In consequence, attacking software may successfully complete such challenges, leading to a false positive human verification. Accordingly, the instant disclosure identifies a need for improved systems and methods for human verification that is both easy for humans to successfully complete and difficult for attacking software to mimic.